Exim version 4.22 ----------------- 1. Removed HAVE_ICONV=yes from OS/Makefile-FreeBSD, since it seems that iconv() is not standard in FreeBSD. 2. Change 4.21/17 was buggy and could cause stack overwriting on a system with IPv6 enabled. The observed symptom was a segmentation fault on return from the function os_common_find_running_interfaces() in src/os.c. 3. In the check_special_case() function in daemon.c I had used "errno" as an argument name, which causes warnings on some systems. This was basically a typo, since it was named "eno" in the comments! 4. The code that waits for the clock to tick (at a resolution of some fraction of a second) so as to ensure message-id uniqueness was always waiting for at least one whole tick, when it could have waited for less. [This is almost certainly not relevant at current processor speeds, where it is unlikely to ever wait at all. But we try to future-proof.] 5. The function that sleeps for a time interval that includes fractions of a second contained a race. It did not block SIGALRM between setting the timer, and suspending (a couple of lines later). If the interval was short and the sigsuspend() was delayed until after it had expired, the suspension never ended. On busy systems this could lead to processes getting stuck for ever. 6. Some uncommon configurations may cause a lookup to happen in a queue runner process, before it forks any delivery processes. The open lookup caching mechanism meant that the open file or database connection was passed into the delivery process. The problem was that delivery processes always tidy up cached lookup data. This could cause a problem for the next delivery process started by the queue runner, because the external queue runner process does not know about the closure. So the next delivery process still has data in the lookup cache. In the case of a file lookup, there was no problem because closing a file descriptor in a subprocess doesn't affect the parent. However, if the lookup was caching a connection to a database, the connection was closed, and the second delivery process was likely to see errors such as "PGSQL: query failed: server closed the connection unexpectedly". The problem has been fixed by closing all cached lookups in a queue runner before running a delivery process. 7. Compiler warning on Linux for the second argument of iconv(), which doesn't seem to have the "const" qualifier which it has on other OS. I've parameterised it. 8. Change 4.21/2 was too strict. It is only if there are two authenticators *of the same type* (client or server) with the same public name that an error should be diagnosed. 9. When Exim looked up a host name for an IP address, but failed to find the original IP address when looking up the host name (a safety check), it output the message " does not match any IP for NULL", which was confusing, to say the least. The bug was that the host name should have appeared instead of "NULL". 10. Since release 3.03, if Exim is called by a uid other than root or the Exim user that is built into the binary, and the -C or -D options is used, root privilege is dropped before the configuration file is read. In addition, logging is switched to stderr instead of the normal log files. If the configuration then re-defines the Exim user, the unprivileged environment is probably not what is expected, so Exim logs a panic warning message (but proceeds). However, if deliver_drop_privilege is set, the unprivileged state may well be exactly what is intended, so the warning has been cut out in that case, and Exim is allowed to try to write to its normal log files. ****